Security News > 2020 > January > Interpol Arrests 3 Indonesian Credit Card Hackers for Magecart Attacks
The Indonesian National Police in a joint press conference with Interpol and cybersecurity firm Group-IB earlier today announced the arrest of three Magecart-style Indonesian hackers who had compromised hundreds of international e-commerce websites and stolen payment card details of their online shoppers.
Group-IB helped Interpol identifying the suspects with its digital forensics expertise and "During the special operation, Indonesian Cyber Police seized laptops, mobile phones of various brands, CPU units, IDs, BCA Token, and ATM cards."
Just like most of the other widespread Magecart attacks, the modus operandi behind this series of attacks also involved exploiting unpatched vulnerabilities in e-commerce websites powered by Magento and WordPress content management platforms.
Hackers then secretly implanted digital credit card skimming code-also known as web skimming or JS sniffers-on those compromised websites to intercept users' inputs in real-time and steal their payment card numbers, names, addresses and login details as well.
Though Indonesian police claim these hackers had compromised 12 e-commerce websites, experts at cybersecurity firm Sanguine Security believe the same group is behind the credit card theft at more than 571 online stores.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/Vk7H4sRNfNU/indonesian-magecart-hackers.html
Related news
- North Korean govt hackers linked to Play ransomware attack (source)
- Hackers increasingly use Winos4.0 post-exploitation kit in attacks (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
- Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack' (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- 390,000 WordPress accounts stolen from hackers in supply chain attack (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)